<?php

declare(strict_types=1);
//use Qbhy\SimpleJwt\EncryptAdapters as Encrypter;
//use Qbhy\SimpleJwt\Encoders;
/**
 * This file is part of hyperf-ext/auth.
 *
 * @link     https://github.com/hyperf-ext/auth
 * @contact  eric@zhu.email
 * @license  https://github.com/hyperf-ext/auth/blob/master/LICENSE
 */
return [
    /*
    |--------------------------------------------------------------------------
    | Authentication Defaults
    |--------------------------------------------------------------------------
    |
    | This option controls the default authentication "guard" and password
    | reset options for your application. You may change these defaults
    | as required, but they're a perfect start for most applications.
    |
    */

    'default' => [
        'guard' => 'token',
        'passwords' => 'users',
    ],

    /*
    |--------------------------------------------------------------------------
    | Authentication Guards
    |--------------------------------------------------------------------------
    |
    | Next, you may define every authentication guard for your application.
    | Of course, a great default configuration has been defined for you
    | here which uses session storage and the Eloquent user provider.
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    */

    'guards' => [
//        'web' => [
//            'driver' => \HyperfExt\Auth\Guards\SessionGuard::class,
//            'provider' => 'users',
//            'options' => [],
//        ],
        'jwt' => [
            'driver' => \HyperfExt\Auth\Guards\JwtGuard::class,
            'provider' => 'users-jwt',
            'options' => [],
        ],
//        'jwt'     => [
//            'driver'      => Qbhy\HyperfAuth\Guard\JwtGuard::class,
//            'provider'    => 'users-jwt',
//            'secret'      => env('SIMPLE_JWT_SECRET'),
//
//            /*
//             * 可选配置
//             * jwt 默认头部token使用的字段
//             */
//            'header_name' => env('JWT_HEADER_NAME', 'Authorization'),
//
//            /*
//             * 可选配置
//             * jwt 生命周期，单位分钟
//             */
//            'ttl'         => (int)env('SIMPLE_JWT_TTL', 60 * 60),
//
//            /*
//             * 可选配置
//             * 允许过期多久以内的 token 进行刷新
//             */
//            'refresh_ttl' => (int)env('SIMPLE_JWT_REFRESH_TTL', 60 * 60 * 24 * 7),
//
//            /*
//             * 可选配置
//             * 默认使用的加密类
//             */
//            'default'     => Encrypter\PasswordHashEncrypter::class,
//
//            /*
//             * 可选配置
//             * 加密类必须实现 Qbhy\SimpleJwt\Interfaces\Encrypter 接口
//             */
//            'drivers'     => [
//                Encrypter\PasswordHashEncrypter::alg() => Encrypter\PasswordHashEncrypter::class,
//                Encrypter\CryptEncrypter::alg()        => Encrypter\CryptEncrypter::class,
//                Encrypter\SHA1Encrypter::alg()         => Encrypter\SHA1Encrypter::class,
//                Encrypter\Md5Encrypter::alg()          => Encrypter\Md5Encrypter::class,
//            ],
//
//            /*
//             * 可选配置
//             * 编码类
//             */
//            'encoder'     => new Encoders\Base64UrlSafeEncoder(),
//            //            'encoder' => new Encoders\Base64Encoder(),
//
//            /*
//             * 可选配置
//             * 缓存类
//             */
//            //'cache' => new \Doctrine\Common\Cache\FilesystemCache(sys_get_temp_dir()),
//            // 如果需要分布式部署，请选择 redis 或者其他支持分布式的缓存驱动
//            'cache'       => function () {
//                return make(\Qbhy\HyperfAuth\HyperfRedisCache::class);
//            },
//
//            /*
//             * 可选配置
//             * 缓存前缀
//             */
//            'prefix'      => env('SIMPLE_JWT_PREFIX', 'default'),
//
//        ],
//        'api' => [
//            'driver' => \HyperfExt\Auth\Guards\JwtGuard::class,
//            'provider' => 'users',
//            'options' => [],
//        ],
        'token' => [
            'driver' => \HyperfExt\Auth\Guards\TokenGuard::class,
            'provider' => 'users',
        ],
    ],

    /*
    |--------------------------------------------------------------------------
    | User Providers
    |--------------------------------------------------------------------------
    |
    | All authentication drivers have a user provider. This defines how the
    | users are actually retrieved out of your database or other storage
    | mechanisms used by this application to persist your user's data.
    |
    | If you have multiple user tables or models you may configure multiple
    | sources which represent each model / table. These sources may then
    | be assigned to any extra authentication guards you have defined.
    |
    */

    'providers' => [
        'users' => [
            'driver' => \HyperfExt\Auth\UserProviders\ModelUserProvider::class,
            'options' => [
                'model' => \App\Model\User::class,
                'hash_driver' => 'bcrypt',
            ],
        ],

        'users-jwt' => [
            'driver' => \HyperfExt\Auth\UserProviders\ModelUserProvider::class,
            'options' => [
                'model' => \App\Model\UserJWT::class,
                'hash_driver' => 'bcrypt',
            ],
        ],
//        'users-jwt' => [
//            'driver' => \Qbhy\HyperfAuth\Provider\EloquentProvider::class,
//            'model'  => App\Model\UserJWT::class, //  需要实现 Qbhy\HyperfAuth\Authenticatable 接口
//        ],
        // 'users' => [
        //     'driver' => \Hyperf\Auth\UserProvider\DatabaseUserProvider::class,
        //     'options' => [
        //         'connection' => 'default',
        //         'table' => 'users',
        //         'hash_driver' => 'bcrypt',
        //     ],
        // ],
    ],

    /*
    |--------------------------------------------------------------------------
    | Resetting Passwords
    |--------------------------------------------------------------------------
    |
    | You may specify multiple password reset configurations if you have more
    | than one user table or model in the application and you want to have
    | separate password reset settings based on the specific user types.
    |
    | The expire time is the number of minutes that the reset token should be
    | considered valid. This security feature keeps tokens short-lived so
    | they have less time to be guessed. You may change this as needed.
    |
    */

    'passwords' => [
        'users' => [
            'driver' => \HyperfExt\Auth\Passwords\DatabaseTokenRepository::class,
            'provider' => 'users',
            'options' => [
                'connection' => null,
                'table' => 'password_resets',
                'expire' => 3600,
                'throttle' => 60,
                'hash_driver' => null,
            ],
        ],
    ],

    /*
    |--------------------------------------------------------------------------
    | Password Confirmation Timeout
    |--------------------------------------------------------------------------
    |
    | Here you may define the amount of seconds before a password confirmation
    | times out and the user is prompted to re-enter their password via the
    | confirmation screen. By default, the timeout lasts for three hours.
    |
    */

    'password_timeout' => 10800,

    /*
    |--------------------------------------------------------------------------
    | Access Gate Policies
    |--------------------------------------------------------------------------
    |
    */

    'policies' => [
        //Model::class => Policy::class,
    ],
];
